April 2021: Patch Watch Digest
Posted on 14th May, 2021 | By Pavithra Shankar
Highlights of April Digest
We have 46 vulnerabilities that are known exploits. Here is our analysis –
1 CVE is linked to CryptoMix ransomware.
5 CVEs were alerted by CISA.
5 CVEs have RCE capabilities.
1 CVE with Privilege Escalation weakness.
2 CVEs are associated with Denial of Service.
1 CVE is rated critical and 22 are of high severity.
735 Old vulnerabilities have been issued security updates ranging from the year 2003 to 2020.
1 CVE is linked CrpytoMix ransomware.
12 CVEs have been alerted by CISA.
19 CVEs are critical and 213 are high severity.
89% of the weaponized vulnerabilities are old weaknesses which shows that attackers systematically target them to exploit.
Microsoft issued patches for 108 security vulnerabilities, including five Zero days (CVE-2021-2709, CVE-2021-28312, CVE-2021-28437, CVE-2021-28458, CVE-2021-28310)
Oracle rolls out 390 security patches in which 221vulnerabilities are remotely exploitable.
31 vulnerabilities have been issued a warning alert by CISA
5 CVEs have been weaponized with known exploits.
3 CVEs are rated critical, and 9 of high severity.
Table: April 2021 Security Patches
Patching can be a time-consuming task, but organizations should streamline a clear risk management strategy in place to minimize the potential threats. CSW’s patchwatch helps organizations and their overworked security teams to patch the most critical vulnerabilities and improve their security posture. Get on our mailing list for more information about emerging threats.
Get a complete Attack Surface Management as a Service. Talk to us.